Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/DO4OttwXroIKjv7VpJ4itf3YXk4.roa
File: DO4OttwXroIKjv7VpJ4itf3YXk4.roa (raw, json)
Hash identifier: iELzgvW624iTIBxZcyA4nLwRmMlI9TW+WFRgVqCetlc=
Subject key identifier: 0C:EE:0E:B6:DC:17:AE:82:0A:8E:FE:D5:A4:9E:22:B5:FD:D8:5E:4E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0192494804717B6C13A4BB8F1F627FAB920D
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/DO4OttwXroIKjv7VpJ4itf3YXk4.roa
Signing time: Tue 01 Oct 2024 18:11:49 +0000
ROA not before: Tue 01 Oct 2024 18:11:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58212
IP address blocks: 2a10:cc40:230::/48 maxlen: 48
2a10:cc40:231::/48 maxlen: 48
2a10:cc40:233::/48 maxlen: 48
2a10:cc40:234::/48 maxlen: 48
2a10:cc40:235::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:10:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:49:48:04:71:7b:6c:13:a4:bb:8f:1f:62:7f:ab:92:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Oct 1 18:11:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0cee0eb6dc17ae820a8efed5a49e22b5fdd85e4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:c2:df:4b:14:11:11:11:3f:0e:29:09:1a:42:
17:df:39:2d:72:33:d4:78:8b:6e:69:c2:59:f5:22:
6f:67:be:44:eb:a1:27:44:21:d3:80:22:66:5a:b8:
d8:5c:03:76:cd:6e:b1:00:c5:bd:08:c2:a8:a4:ea:
d1:34:db:43:59:54:62:5b:11:c1:b9:30:00:0b:1c:
16:52:42:62:23:bf:55:5e:59:e1:8f:a0:ae:41:df:
9f:d2:d5:64:d4:43:06:c1:06:fa:fa:c4:fe:61:3a:
fe:df:2a:21:17:29:43:c6:a5:be:ee:2b:73:83:b4:
c4:b3:18:40:d3:93:a6:b6:8d:6b:0c:e5:fd:ca:d5:
55:af:58:f3:de:51:ac:c1:d7:8c:a5:fc:5f:4e:fd:
51:eb:41:be:aa:93:ec:69:7b:88:4f:da:fb:80:b1:
99:eb:14:59:4b:86:79:cf:bf:9e:00:82:ae:a4:93:
95:65:d2:11:24:77:33:4e:65:7d:fb:bb:f0:c7:5d:
91:f9:6b:44:5b:35:51:a2:ab:f1:8e:d7:02:06:eb:
9b:79:d2:8f:b9:86:7f:e0:6a:17:a2:0c:0d:f1:7d:
3f:42:da:00:d0:52:5a:44:05:ce:0a:06:fa:51:58:
10:41:4f:36:92:26:bd:04:f7:c6:3d:36:7f:09:89:
71:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:EE:0E:B6:DC:17:AE:82:0A:8E:FE:D5:A4:9E:22:B5:FD:D8:5E:4E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/DO4OttwXroIKjv7VpJ4itf3YXk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:cc40:230::/47
2a10:cc40:233::-2a10:cc40:235:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
16:5a:6f:5f:7b:30:88:9c:57:29:23:e0:7c:6c:0f:ac:71:e9:
32:39:76:e1:2e:fe:0b:5b:56:49:34:ca:ea:90:ef:e6:5b:e5:
17:7f:fe:f3:19:69:4e:dc:be:cb:61:5d:86:5d:77:70:67:8f:
8c:95:09:93:94:59:98:5e:9b:6c:70:c0:8a:e4:6c:58:35:bf:
b0:d7:df:45:35:7a:4b:58:8e:37:af:b0:87:00:6c:bc:b4:32:
40:44:6d:1e:a0:c4:d6:23:5e:2b:53:10:d1:f6:d6:78:e5:df:
a9:24:03:74:1e:fd:6e:5a:71:3c:1d:bd:82:df:41:31:5d:76:
43:70:ce:54:3d:c9:7e:1c:0f:7d:13:ed:ab:bf:e3:d6:de:0c:
54:4f:8c:1b:57:d7:f9:a2:3d:49:8f:72:82:47:6d:9f:92:57:
fb:80:c7:27:6f:99:ca:dd:53:c0:6b:1a:fb:42:66:51:20:9b:
5e:d7:51:30:63:70:a4:06:c4:00:ac:cf:3e:44:cf:72:e9:b8:
9f:45:94:28:91:bc:34:dc:10:0f:19:35:ab:f5:e2:3b:c6:ea:
50:28:0c:c6:ec:d7:53:96:c2:a8:f3:d5:bb:2c:f6:68:bc:40:
65:8c:7f:a2:55:f9:ec:75:85:69:39:d2:f6:70:5f:74:08:50:
67:a8:6c:4f
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZJJSARxe2wTpLuPH2J/q5INMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQxMDAxMTgxMTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2VlMGViNmRjMTdhZTgyMGE4ZWZlZDVhNDllMjJiNWZkZDg1ZTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0sLfSxQRERE/DikJGkIX3zktcjPU
eItuacJZ9SJvZ75E66EnRCHTgCJmWrjYXAN2zW6xAMW9CMKopOrRNNtDWVRiWxHB
uTAACxwWUkJiI79VXlnhj6CuQd+f0tVk1EMGwQb6+sT+YTr+3yohFylDxqW+7itz
g7TEsxhA05Omto1rDOX9ytVVr1jz3lGswdeMpfxfTv1R60G+qpPsaXuIT9r7gLGZ
6xRZS4Z5z7+eAIKupJOVZdIRJHczTmV9+7vwx12R+WtEWzVRoqvxjtcCBuubedKP
uYZ/4GoXogwN8X0/QtoA0FJaRAXOCgb6UVgQQU82kia9BPfGPTZ/CYlxhwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFAzuDrbcF66CCo7+1aSeIrX92F5OMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvRE80T3R0d1hyb0lLanY3VnBKNGl0ZjNZWGs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcBKhDMQAIw
MBIDBwAqEMxAAjMDBwEqEMxAAjQwDQYJKoZIhvcNAQELBQADggEBABZab197MIic
Vykj4HxsD6xx6TI5duEu/gtbVkk0yuqQ7+Zb5Rd//vMZaU7cvsthXYZdd3Bnj4yV
CZOUWZhem2xwwIrkbFg1v7DX30U1ektYjjevsIcAbLy0MkBEbR6gxNYjXitTENH2
1njl36kkA3Qe/W5acTwdvYLfQTFddkNwzlQ9yX4cD30T7au/49beDFRPjBtX1/mi
PUmPcoJHbZ+SV/uAxydvmcrdU8BrGvtCZlEgm17XUTBjcKQGxACszz5Ez3LpuJ9F
lCiRvDTcEA8ZNav14jvG6lAoDMbs11OWwqjz1bss9mi8QGWMf6JV+ex1hWk50vZw
X3QIUGeobE8=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:24:29 2024 by rpki-client on console-fra.rpki-client.org